[AusNOG] Conspiracy? Manupulation? See it for yourself!

[Heinz N]

Not everyone has SPF or TXT records. If the MTA enforces SPF, then senders 
without it will get bounced. Also note that not everyone has control of 
their DNS. It is sad that there is so little usage of SPF & TXT records in 
the wild. If *everyone* has SPF then spam would be heavily diminished. 
Unfortunately there are just too many people who don't like adding extra 
records in their zone files.

- Heinz

On Wed, 24 Apr 2013, Chris Jones wrote:

> Wouldn't a simpler solution be:
>
> 1.  Add an SPF record for ausnog.net
> 2.  Enforce this on lists.ausnog.net
>
> ??
>
> - Chris
>
> On 24/04/2013, at 1:33 PM, Heinz N <ausnog at equisoft.com.au> wrote:
>
>> On Wed, 24 Apr 2013, Skeeve Stevens wrote:
>>
>>> So we know where the spam is coming from or how they are subscribing?
>>>
>>
>> Reading the headers:
>>
>> From: <ausnog at ausnog.net>
>> To: <ausnog at ausnog.net>
>>
>> I think that the spammers are not subscribing at all. They are exploiting a simple weekness in the MTA configuration.
>>
>> I would not dare test this as it might be perceived as an attack, but I suspect that the ausnog MTA will relay if the "RCPT To:" and "MAIL From:" are both reported as from local domain ausnog.net.
>>
>> I had this problem a long while ago and the only way I could get around this was to have 2 MTAs. One "public" one will accept mail to my local domain(s) but it is specifically blocked from relaying for them. The private one will relay for the local domains and is only used for sending out. Now spammers get a nasty bounce message if they try to pretend to be "MAIL From:" any of my local domains, sending "RCPT To:" any of my local domains :-)
>>
>> Regards,
>> Heinz N.
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>